Security Evaluation and Exploitation of Bluetooth Low Energy Devices

Anthony J. Rose


Bluetooth is one of the most prevalent technologies for short-range wireless communications, and its widespread commercial use in security and medical devices makes it a prime target for penetration testers and cyber security experts. This thesis evaluates currently available Bluetooth penetration testing tools. The survey demonstrates that these tools have a limited range of capabilities and that most are compatible with only a single protocol. This finding motivates the development of BlueFinder, an open-source range-finding tool compatible with both Bluetooth Classic (BTC) and Bluetooth Low Energy (BLE) devices. Further evaluation reveals that 75 percent of the tested security and access control systems had one or more vulnerabilities that resulted in unauthorized access. Malicious actors use these vulnerabilities to gain access to a facility and extract sensitive information, build patterns of life on an organization from that information, and place a high level of risk on the consumer. This work presents existing solutions for avoiding BLE security breaches; most fixes require minimal implementation overhead for developers.